Compliance is a fundamental pillar to effective risk management at any company. However, simply complying with laws and regulations without considering the broader threat landscape can result in disaster. Certainly, a balance between compliance and risk is necessary. Ensuring compliance represents an organization's starting point, not the endgame, should be a priority.

In a dynamic threat environment, forward-thinking organizations have concluded that the goal of total protection is elusive and that a risk-based approach to governance and management of cybersecurity is necessary. That is easier said than done, as the way most information security professionals measure risk today fails to quantify threats in terms the business can understand and use. In this CPE accredited webinar, our panel of experts will discuss:

How can enterprises shift from a reactive approach to privacy and data security to being proactive and closer to privacy-and-security-by-design? Join this panel of experts to get the answer to all of your privacy, security and compliance questions.

Viewers can learn more about:
- Effect of GDPR: One year later
- How are enterprises instituting changes to achieve and maintain compliance
- Challenges to achieving compliance in an IoT world
- How to bake privacy and security into your processes
- Best practices for data protection and privacy from the ground up

With today's enterprises leveraging around 1000 applications and multiple clouds, application security is becoming a key area of focus. Application security testing is being integrated into the DevOps process early on, while automation, speed and coverage and becoming critical to the success of DevSecOps programs.

Join this interactive panel of industry experts to learn more about:
- Why application security is critical
- Key principles for building application security into DevOps
- Best practices for leveraging automation
- Speed vs Security: Where do you draw the line?
- Recommendations for improving security in 2019

Today's CISO faces a myriad of challenges when it comes to securing the enterprise. From budgetary concerns and vendor confusion to dealing with the chronic lack of cyber talent, to addressing the disappearing security perimeter, CISOs are looking for ways to automate security operations and leverage AI to do more with existing teams and fewer tools.

Join security experts across the industry for an interactive discussion on:
- What keeps CISOs up at night
- Strategies for breach prevention
- Strategies for making the most of AI technology and human talent
- Coping with analyst fatigue
- Threats on the horizon
- Recommendations for strengthening security

The ever-growing Internet of Things continues to pose security and privacy threats. How are businesses managing the risks associated with IoT devices on their networks? What are the best strategies for achieving basic security and cyber hygiene?

Join this interactive panel with IoT and security experts to learn more about:
- Impact of IoT on enterprise security
- How to assess the IoT risk
- Most common IoT vulnerabilities and how to address them
- Recommendations for improving IoT security

The cloud strategy of today's enterprise spans across multiple clouds and hundreds of applications. Point security solutions no longer work, so enterprises are turning toward a more orchestrated approach to achieving security and compliance in the cloud.

Join cloud and security leaders in an interactive discussion to learn about:
- Key security and compliance challenges associated with a multi-cloud strategy
- Recommendations for managing and automating security across multiple clouds and applications
- The future of cloud
- Improving enterprise security in an ever-changing threat landscape

Colin Whittaker with panelists from Bitsight, Lockpath, OneTrust, and ProcessUnity.

In today’s interconnected technology ecosystem, companies increasingly rely on third party vendors to meet their operational needs. However, the current state of vendor risk management (VRM) is bleak. More than half of all information security breaches are caused by third-party vendors, and according to Deloitte 83% of today’s business leaders lack confidence in third party VRM processes.

Understanding and managing cyber risk posed by vendors, suppliers, and third parties has proven to be a difficult task. The right mix of people, processes, and technology result in the most effective and comprehensive program. Join this CPE accredited panel webinar as our expert panel address some key steps to master VRM, including:

The largest threat of organisational breach occurs at the Endpoint level. Hacks, phishing, malware and untrained end users are a constant risk that need safeguards and monitoring to protect individuals and businesses with strong IT security. Small changes to your endpoints can drastically improve your protection. However, when you manage one or more businesses and need to implement and maintain these changes across multiple machines or environments, different complications will arise.

What is cyber threat intelligence, and how can organizations leverage it to identify threats and potential malicious activity in advance? Discover the best ways organizations can arm themselves with actionable threat intelligence to block cyber attacks or mitigate their impact.

Join this panel of experts to learn more about:
- Cyber threat intelligence: What it is and how you can use it
- What's new in phishing, banking trojans, Mirai, ransomware
- Emerging threats and what to do about them
- Best practices for a more secure enterprise

Find out what's trending in BrightTALK's IT Security community and the challenges keeping security professionals up at night.

Join Marija Atanasova, Sr. Content Strategist from BrightTALK for an interactive Q&A session to learn more about:
- The biggest trends in cyber security
- Trending topics from the beginning of the year
- The tools and challenges CISOs and security professionals deal with daily
- What to expect in the next 3, 6, 12 months

In an age where cybersecurity threats are an everyday fact of life, organizations are looking for solutions that enable them to predict, prepare and react to the shifting landscape of cyber threats, and implementation of adaptive cyber security strategies is becoming inevitable to achieve that goal.

Adaptive cyber security methods allow for the simultaneous defense of multiple attack surfaces against this new wave of advanced cyber attacks targeting businesses and services. The NIST Cybersecurity Framework enables organizations — regardless of size, degree of cybersecurity risk, or cybersecurity sophistication — to apply the principles and best practices of risk management to improving security. Attend this CPE webinar to gain insights on:

- Getting a clear picture of the current health of your organizations' defenses
- Defining your security road map using NIST CSF as a framework
- Conducting gap analysis and executing remediation actions
- Mapping the NIST CSF with security controls and built-in reporting templates that align with the framework.

Successful security programs explain the situation, the risks, and the options available in a way that is both simple and true. Damrod draws on military analytical frameworks to develop map models that accurately depict the cyber terrain and guide the generation of a series of overlays. These build to create an Effects based plan suitable for Governance, Risk, and Compliance needs.

Join this webinar for an introduction to the cyber-as-conflict model developed by Damrod.

Cybersecurity, much like safety, cannot be achieved - it is an ongoing process that changes and adjusts to respond to the threat landscape, business needs and resources. As essential a cybersecurity strategy is to the enterprise, so is the implementation of it.

Join us for an interactive Q&A panel with security leaders to learn more about how to operationalize cybersecurity.

There is too much fear and derision from the old guard of cybersecurity. Big breaches are used as justification for sales pitches and pedestals to mock the victims. While it is undeniable that cybercrime continues to grow, and future of cyber conflict is contested, there is good cause to think we are doing better than we imagine.

And that we can win in the future.

No competitive team enters a contest with a ‘let’s catch up’ mentality. Leaders inspire us to victory. CISO’s need to fill to role of champion and present a positive message – ‘we can win’.

Join this talk with industry thought leaders as we discuss the state of the conflict and emergent tactics from AI to insurance that promise to re-define cyber defence.

Global spend on cybersecurity solutions will grow 33%, reaching $134 billion annually by 2022. Attackers are becoming more sophisticated and the threat of data breaches is bigger than ever. CISOs from around the world will discuss why security is a key focus for investment and how to employ the best strategy for your enterprise.

In this webinar, Mark Chaplin, Principal, ISF will discuss how to communicate your security strategy to the board.

Join us for this webinar that will present an advanced data science approach to detecting anomalous behavior in complex systems like the typical corporate network that your IT Security team is trying to defend. Generalized anomaly detectors, without tuning for a specific use case, almost always result in high false alarm rates that lead to analyst alert fatigue and a detector which is effectively useless. In this session, Brenden Bishop, Data Scientist at the Columbus Collaboratory, will present an open source tool and best practices for building specific, repeatable, and scalable models for hunting your network’s anomalies. Through iteration and collaboration, defenders can hone in on interesting anomalies with increasing efficiency.

No organization’s suite of business applications is static, especially for businesses that have committed to non-stop innovation. It is not uncommon for businesses to integrate only their high-impact applications with their existing identity and access management (IAM) systems. This can cause a huge surge in manual work, and oftentimes enterprises dedicate hundreds of human agents to manage accounts, adding more as new business applications are added. Enterprises can sidestep significant costs, increase efficiency, manage risk and deliver undiscovered value, by properly leveraging automation technologies across IAM systems.

Robotic process automation (RPA) is a powerful technology that harmonizes different systems across an organization’s environment, reduces human errors, provides 24/7 operations, and relieves employees from repetitive tasks so they can focus on more valuable activities. For example, data quality management in the risk and compliance processs has been a traditional pain area for many institutions, as it is very time consuming and manual. However, a cognitive RPA solution which combines machine learning capabilities can enable fast automated remediation of data quality issues, and the system can learn from the final decisions taken by the data analyst as well. Attend this CPE webinar for insights on:

- Getting started with an access management program.
- Evaluating the right configuration and system-based tools to automate processes at a task level, and align to your process automation strategy.
- Leveraging advanced analytics in risk management, compliance, and continuous monitoring programs.
- Embedding governance, risk management, and controls into your enterprise’s mobilization and deployment of RPA, so you can catch issues before they arise.

Join us for this webinar that will recommend how to deal with your “big data” problem when dealing with the massive volume of raw, unprocessed data points from your network security sensors. Hint: don’t start with the data and attempt to drill down to the problem. Instead, as Slava Nitikin, Data Scientist from the Columbus Collaboratory will explain, you must start by the defining problem, building a threat model, and then focusing on the corresponding signals in your sensor data. We will walk through the use case for an Active Directory password spraying attack to demonstrate how to define and apply appropriate filters to your security data for faster detection, more accurate threat scoring and more effective security overall.

This webinar from Women in CyberSecurity (WiCyS) and the Security Industry Association (SIA) will present the findings of The Cybersecurity Imperative research project produced by WSJ Pro Cybersecurity and ESI ThoughtLab and sponsored by SIA. We will share insights into how 1,000-plus organizations around the globe measure their cybersecurity preparedness and how they are preparing for future cyber threats.

In this 45-minute program, we’ll also share a new tool that allows you to compare your own organization’s preparedness to the aggregated data of study participants.

Are traditional awareness raising campaigns (e.g. CBT, phishing simulations) affording sufficient protection against ever evolving cyber-attacks? With human errors being the #1 cause of security incidents and data breaches, it is now a CISO imperative to tackle behavioural change and effectively manage the human risk. This recognised need reflects the acceptance that how the workforce behaves is dependent on the shared beliefs, values and actions of its employees, and that this includes their attitudes towards cybersecurity.

Key topics covered in this presentation:
• People-related challenges and frustrations the industry is facing
• Why a new approach to awareness and culture is required
• Innovative approaches adopted by leading organisations

Your organisation can only be secure if you make people your strongest defence. Attend this session to discuss how to turn your human risk into your biggest advantage in cyber security!

Flavius Plesu:
A business-focused cyber security leader, Flavius has held senior security positions both within the public and the private sector and has lead a number of enterprise-wide security transformation programmes, in complex global organisations. Passionate about solving real industry problems, cultivating and building teams to deliver on the organisation’s mission, values and goals.

Alongside his role as a Head of Information Security at Bank of Ireland UK, Flavius is also one of the Founders of OutThink, a team of CISOs and security practitioners who are changing the way in which organisations engage with their employees to shape behaviours and manage human risk in the context of cyber security.

This channel features presentations by leading experts in the field of information security. From application, computer, network and Internet security to access control management, data privacy and other hot topics, you will walk away with practical advice for your strategic and tactical information security initiatives.